iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
A healthcare and emergency services software provider has announced that a ransomware attack on its systems has compromised the data of 2.7 million customers.
ESO Solutions, a software provider based in Austin, Texas, and which provides solutions to companies around the world, including Australia, issued a statement announcing the breach, which it said it detected back in September.
“On September 28, 2023, we detected and stopped a sophisticated ransomware incident, in which an unauthorised third party accessed and encrypted some of ESO’s computer systems,” wrote ESO Solutions.
The company’s investigation into the incident, in which it has engaged the aid of the FBI, has uncovered that customer data was accessed by the unauthorised party behind the breach. ESO Solutions has said that data includes names, phone numbers, addresses, and “some sensitive personal information and/or protected health information”, including US Social Security numbers, procedure information, diagnosis data, type of treatment and more.
Furthermore, as discovered by Cyber Daily, a number of healthcare organisations, all based in the US, have been affected by the breach. These include Mississippi Baptist Medical Center, Merit Health Biloxi and Merit Health River Oaks. No Australian healthcare providers were affected.
ESO Solutions said that despite the data being accessed, it has found no evidence to suggest that the information accessed has been used for malicious purposes.
“Please know that we have taken all reasonable steps to prevent the data from being further published or distributed and have notified and are working with federal law enforcement to investigate,” it said.
Beginning on 12 December, ESO Solutions began informing affected customers of the incident, and it has said it is offering whose personally identifiable information (PII) was accessed with identity theft protection and complimentary credit monitoring.
At this stage in the investigation, the threat actor behind the incident is yet to be identified, and while ESO Solutions said the incident was indeed a ransomware attack, it has not disclosed any details.
Be the first to hear the latest developments in the cyber industry.
